116.248.172.40

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-03 17:07:21

Comments on same subnet:

IP	Type	Details	Datetime
116.248.172.135	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-18 00:30:11
116.248.172.135	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-17 16:31:59
116.248.172.135	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-17 07:37:13
116.248.172.241	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-08-11 07:09:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.248.172.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50429
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.248.172.40.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 17:07:15 CST 2019
;; MSG SIZE  rcvd: 118

Host info

40.172.248.116.in-addr.arpa domain name pointer 40.172.248.116.broad.km.yn.dynamic.163data.com.cn.

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 40.172.248.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.38.40.54	attack	firewall-block, port(s): 9530/tcp	2020-03-10 06:48:19
198.100.146.67	attackbots	Feb 2 02:00:10 woltan sshd[22253]: Failed password for invalid user tester from 198.100.146.67 port 42283 ssh2	2020-03-10 07:13:43
198.211.105.11	attack	Jan 14 01:58:09 ms-srv sshd[11678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.105.11 Jan 14 01:58:10 ms-srv sshd[11678]: Failed password for invalid user alessandra from 198.211.105.11 port 57888 ssh2	2020-03-10 06:50:11
222.186.173.226	attack	Mar 9 23:06:05 localhost sshd[124898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Mar 9 23:06:08 localhost sshd[124898]: Failed password for root from 222.186.173.226 port 53541 ssh2 Mar 9 23:06:11 localhost sshd[124898]: Failed password for root from 222.186.173.226 port 53541 ssh2 Mar 9 23:06:05 localhost sshd[124898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Mar 9 23:06:08 localhost sshd[124898]: Failed password for root from 222.186.173.226 port 53541 ssh2 Mar 9 23:06:11 localhost sshd[124898]: Failed password for root from 222.186.173.226 port 53541 ssh2 Mar 9 23:06:05 localhost sshd[124898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Mar 9 23:06:08 localhost sshd[124898]: Failed password for root from 222.186.173.226 port 53541 ssh2 Mar 9 23:06:11 localhost ...	2020-03-10 07:08:21
198.144.184.34	attackspam	Aug 31 20:28:10 ms-srv sshd[11838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.144.184.34 Aug 31 20:28:13 ms-srv sshd[11838]: Failed password for invalid user identd from 198.144.184.34 port 54538 ssh2	2020-03-10 07:06:37
198.211.102.9	attack	Jul 26 19:36:38 ms-srv sshd[59054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.102.9 user=root Jul 26 19:36:40 ms-srv sshd[59054]: Failed password for invalid user root from 198.211.102.9 port 52507 ssh2	2020-03-10 06:50:36
167.172.18.166	attackbots	Mar 9 06:31:58 v11 sshd[30439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.18.166 user=r.r Mar 9 06:32:00 v11 sshd[30439]: Failed password for r.r from 167.172.18.166 port 35536 ssh2 Mar 9 06:32:00 v11 sshd[30439]: Received disconnect from 167.172.18.166 port 35536:11: Bye Bye [preauth] Mar 9 06:32:00 v11 sshd[30439]: Disconnected from 167.172.18.166 port 35536 [preauth] Mar 9 06:32:54 v11 sshd[30494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.18.166 user=r.r Mar 9 06:32:56 v11 sshd[30494]: Failed password for r.r from 167.172.18.166 port 45928 ssh2 Mar 9 06:32:56 v11 sshd[30494]: Received disconnect from 167.172.18.166 port 45928:11: Bye Bye [preauth] Mar 9 06:32:56 v11 sshd[30494]: Disconnected from 167.172.18.166 port 45928 [preauth] Mar 9 06:33:28 v11 sshd[30520]: Invalid user docker from 167.172.18.166 port 53426 Mar 9 06:33:29 v11 sshd[30520]: Fai........ -------------------------------	2020-03-10 06:43:27
198.199.83.59	attack	Sep 30 19:57:06 ms-srv sshd[17376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.83.59 Sep 30 19:57:08 ms-srv sshd[17376]: Failed password for invalid user cav from 198.199.83.59 port 60899 ssh2	2020-03-10 06:54:37
198.143.180.237	attack	Sep 26 10:35:36 ms-srv sshd[46478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.143.180.237 Sep 26 10:35:37 ms-srv sshd[46478]: Failed password for invalid user waleed from 198.143.180.237 port 35002 ssh2	2020-03-10 07:08:34
198.199.73.177	attackbotsspam	Dec 12 08:48:50 woltan sshd[5359]: Failed password for invalid user named from 198.199.73.177 port 44994 ssh2	2020-03-10 06:56:32
198.181.37.245	attackbotsspam	Feb 1 20:13:59 woltan sshd[21804]: Failed password for invalid user developer from 198.181.37.245 port 59698 ssh2	2020-03-10 07:02:47
203.56.24.180	attackbots	2020-03-09T22:14:10.542974 sshd[23242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.56.24.180 2020-03-09T22:14:10.529012 sshd[23242]: Invalid user irc from 203.56.24.180 port 41410 2020-03-09T22:14:12.072899 sshd[23242]: Failed password for invalid user irc from 203.56.24.180 port 41410 ssh2 2020-03-10T00:14:19.569049 sshd[25178]: Invalid user shiba from 203.56.24.180 port 56862 ...	2020-03-10 07:15:00
129.211.124.29	attackspam	Mar 10 00:05:15 server sshd\[16363\]: Invalid user sdtdserver from 129.211.124.29 Mar 10 00:05:15 server sshd\[16363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 Mar 10 00:05:17 server sshd\[16363\]: Failed password for invalid user sdtdserver from 129.211.124.29 port 53270 ssh2 Mar 10 00:12:52 server sshd\[17678\]: Invalid user mother from 129.211.124.29 Mar 10 00:12:52 server sshd\[17678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 ...	2020-03-10 06:59:08
198.211.114.208	attackbots	Nov 21 00:25:31 woltan sshd[3766]: Failed password for invalid user support from 198.211.114.208 port 32872 ssh2	2020-03-10 06:43:53
198.100.144.115	attackbotsspam	Jun 2 09:58:02 ms-srv sshd[24762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.100.144.115 Jun 2 09:58:04 ms-srv sshd[24762]: Failed password for invalid user badachi from 198.100.144.115 port 33488 ssh2	2020-03-10 07:15:30

Recently Reported IPs

66.196.134.2	192.176.71.128	43.18.129.151	180.160.86.137
43.254.133.51	203.50.70.230	142.84.24.152	216.34.83.9
189.51.2.101	126.95.208.87	33.53.196.184	59.102.177.136
153.77.165.77	74.5.50.23	113.228.177.167	152.129.63.122
189.233.71.62	193.111.77.246	125.93.228.204	59.42.88.242